package com.owen.oauth2.webflux.init.config;

import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain;

@EnableWebFluxSecurity
public class SecurityConfig {

    @Bean
    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
//        byte[] data=null;
//        try(InputStream inputStream = new ClassPathResource("public.cert").getInputStream()) {
//            data=new byte[inputStream.available()];
//            inputStream.read(data);
//        };
//        RSAPublicKey rsaPublicKey=new RSAPublicKeyImpl(data);
        http
                .authorizeExchange()
                .anyExchange().hasAuthority("SCOPE_all")
                .and()
                .oauth2ResourceServer()
                .jwt();
        return http.build();
    }
}
